dnf install tdb-tools and wala it finishes as expected. :-)
On Mon, Jul 10, 2017 at 10:58 AM, Jeff Sadowski <jeff.sadowski at
gmail.com>
wrote:
> OK so I don't have a program tdbbackup. Where do I get it?
>
> On Mon, Jul 10, 2017 at 10:38 AM, Jeff Sadowski <jeff.sadowski at
gmail.com>
> wrote:
>
>>
>>
>> On Mon, Jul 10, 2017 at 9:45 AM, Jeff Sadowski <jeff.sadowski at
gmail.com>
>> wrote:
>>
>>> In /usr/lib64/python2.7/site-packages/samba/provision/sambadns.py
>>>
>>> Update: It is failing in create_samdb_copy specifically here:
>>>
>>> # Copy root, config, schema partitions (and any other if any)
>>> # Since samdb is open in the current process, copy them in a
child
>>> process
>>> try:
>>> tdb_copy(os.path.join(private_dir, "sam.ldb"),
>>> os.path.join(dns_dir, "sam.ldb"))
>>> for nc in partfile:
>>> pfile = partfile[nc]
>>> tdb_copy(os.path.join(private_dir, pfile),
>>> os.path.join(dns_dir, pfile))
>>>
>>> Let me try and figure out what his is doing and I'll write some
prints
>>> to find out what the culprit is.
>>>
>>
>> I printed out os.path.join(private_dir, "sam.ldb")
>> and os.path.join(dns_dir, "sam.ldb") they both look fine.
>>
>> From: /var/lib/samba/private/sam.ldb
>> To: /var/lib/samba/private/dns/sam.ldb
>>
>> I put a print statement under tdb_copy that is not reached so the
problem
>> is there.
>> Now to go find tdb_copy and see what it is complaining about.
>>
>> I see the line
>>
>> from samba.tdb_util import tdb_copy
>>
>> So I'm off to find that function and to see what it is complaining
about.
>>
>>
>>
>>>
>>>
>>> On Mon, Jul 10, 2017 at 9:17 AM, Jeff Sadowski <jeff.sadowski at
gmail.com>
>>> wrote:
>>>
>>>> I found the file /usr/lib64/python2.7/site
>>>> -packages/samba/provision/sambadns.py
>>>> I was looking through it and seemed to come across the area
where I am
>>>> having problems.
>>>>
>>>> In the create_dns_dir function
>>>>
>>>> I wanted to see what paths.dns had and what dns_dir where
getting set
>>>> to.
>>>>
>>>> so I did a simple print and found
>>>>
>>>> paths.dir is set to /var/lib/samba/private/dns/
>>>> fedora.methanemaker.mooo.com.zone
>>>> and
>>>> dns_dir is set to /var/lib/samba/private/dns
>>>>
>>>> next I check those directories
>>>>
>>>> [root at dc1 ~]# ls -l /var/lib/samba/private/dns/fed
>>>> ora.methanemaker.mooo.com.zone
>>>> ls: cannot access '/var/lib/samba/private/dns/fe
>>>> dora.methanemaker.mooo.com.zone': No such file or directory
>>>> [root at dc1 ~]# mkdir -p /var/lib/samba/private/dns/fed
>>>> ora.methanemaker.mooo.com.zone
>>>>
>>>> it looks like samba-tool removes that directory
>>>>
>>>> I'll keep looking for the culprit in that function.
>>>>
>>>>
>>>>
>>>>
>>>> On Mon, Jul 10, 2017 at 8:50 AM, Jeff Sadowski
<jeff.sadowski at gmail.com
>>>> > wrote:
>>>>
>>>>>
>>>>> On Mon, Jul 10, 2017 at 8:02 AM, Rowland Penny via samba
<
>>>>> samba at lists.samba.org> wrote:
>>>>>
>>>>>> On Mon, 10 Jul 2017 06:43:37 -0600
>>>>>> Jeff Sadowski <jeff.sadowski at gmail.com> wrote:
>>>>>>
>>>>>> > Bind-9.11 is installed. How do you configure it?
Does it need
>>>>>> anything
>>>>>> > special in the config for samba to build the
...samba.../named.conf
>>>>>> > file that I should be able to include in my
/etc/named.conf
>>>>>> > afterwards?
>>>>>>
>>>>>> With Fedora being a bit 'bleeding edge', I just
wondered if they had
>>>>>> started using Bind10, but 9.11 should be okay, Samba
knows all about
>>>>>> that version ;-)
>>>>>>
>>>>>> >
>>>>>> > My guess is that some directory is missing. But
if I start fresh
>>>>>> and
>>>>>> > configure samba with the internal dns it gets all
the way through
>>>>>> it's
>>>>>> > configuration with no errors.
>>>>>>
>>>>>> Not sure, all I can tell you is what packages I install
when creating
>>>>>> a
>>>>>> DC on Devuan:
>>>>>>
>>>>>> samba acl attr quota fam winbind libpam-winbind
libpam-krb5
>>>>>> libnss-winbind krb5-config krb5-user ntp dnsutils
ldb-tools bind9
>>>>>> bind9utils
>>>>>>
>>>>>> of course fedora would have all different package
names.
>>>>> I avoided installing bind-chroot and
bind-sdb-chroot.x86_64 as the
>>>>> bind dlz info on samba
>>>>> said not to chroot bind I'm not sure what bind99 libs
are but I
>>>>> installed all other bind
>>>>> packages listed with "dnf list bind*"
>>>>>
>>>>> [root at dc1 ~]# dnf list dns* |grep -v i686
>>>>> Last metadata expiration check: 2:40:26 ago on Mon 10 Jul
2017
>>>>> 05:51:50 AM MDT.
>>>>> Installed Packages
>>>>> dnsjava.noarch 2.1.3-12.fc26
>>>>> @rawhide
>>>>> Available Packages
>>>>> dnscap.x86_64 141-11.fc26
>>>>> rawhide
>>>>> dnscrypt-proxy.x86_64 1.9.0-2.fc26
>>>>> rawhide
>>>>> dnscrypt-proxy-gui.x86_64 1.11.10-1.fc27
>>>>> rawhide
>>>>> dnsdist.x86_64 1.1.0-6.fc27
>>>>> rawhide
>>>>> dnsenum.noarch 1.2.4.2-7.fc27
>>>>> rawhide
>>>>> dnsjava-javadoc.noarch 2.1.3-12.fc26
>>>>> rawhide
>>>>> dnsmap.x86_64 0.30-11.fc26
>>>>> rawhide
>>>>> dnsmasq.x86_64 2.77-3.fc27
>>>>> rawhide
>>>>> dnsmasq-utils.x86_64 2.77-3.fc27
>>>>> rawhide
>>>>> dnsperf.x86_64 2.1.0.0-7.fc27
>>>>> rawhide
>>>>> dnssec-check.x86_64 2.1-7.fc26
>>>>> rawhide
>>>>> dnssec-nodes.x86_64 2.1-6.fc26
>>>>> rawhide
>>>>> dnssec-system-tray.x86_64 2.1-6.fc26
>>>>> rawhide
>>>>> dnssec-tools.x86_64 2.2-3.fc25
>>>>> rawhide
>>>>> dnssec-tools-libs.x86_64 2.2-3.fc25
>>>>> rawhide
>>>>> dnssec-tools-libs-devel.x86_64 2.2-3.fc25
>>>>> rawhide
>>>>> dnssec-tools-perlmods.x86_64 2.2-3.fc25
>>>>> rawhide
>>>>> dnssec-trigger.x86_64 0.13-3.fc27
>>>>> rawhide
>>>>> dnssec-trigger-panel.x86_64 0.13-3.fc27
>>>>> rawhide
>>>>> dnssec4j.noarch 0.1.6-3.fc26
>>>>> rawhide
>>>>> dnssec4j-javadoc.noarch 0.1.6-3.fc26
>>>>> rawhide
>>>>> dnstop.x86_64 20140915-4.fc26
>>>>> rawhide
>>>>> dnstracer.x86_64 1.9-16.fc27
>>>>> rawhide
>>>>> dnsyo.noarch 2.0.7-3.fc26
>>>>> rawhide
>>>>>
>>>>> dnssec-tools look interesting but when I try to install
those I get
>>>>> errors.
>>>>>
>>>>> [root at dc1 ~]# dnf install dnssec-*
>>>>> Last metadata expiration check: 2:41:47 ago on Mon 10 Jul
2017
>>>>> 05:51:50 AM MDT.
>>>>> Error:
>>>>> Problem 1: conflicting requests
>>>>> - nothing provides perl(:MODULE_COMPAT_5.24.0) needed by
>>>>> dnssec-tools-2.2-3.fc25.x86_64
>>>>> Problem 2: conflicting requests
>>>>> - nothing provides libperl.so.5.24()(64bit) needed by
>>>>> dnssec-tools-perlmods-2.2-3.fc25.x86_64
>>>>>
>>>>> I'll have to go plead with the package maintainer.
Although I'm not
>>>>> sure even if I install those if that is really what it is
complaining about.
>>>>> I wonder what tool the samba-tool uses. I'll have to go
try and see if
>>>>> I can figure it out so I know what it is I really need.
>>>>>
>>>>> nothing interesting listing in lippam*
>>>>> I installed a lot of pam* that looks like what I might
need. I have
>>>>> pam_krb5
>>>>>
>>>>>
>>>>> >
>>>>>> > I've tried without named running and with it
running and get the
>>>>>> same
>>>>>> > error. Mayke something missing in the python
scripts building the
>>>>>> dns
>>>>>> > file.
>>>>>> >
>>>>>>
>>>>>> I just install Bind9, configure it, but do not start
it. I then
>>>>>> provision Samba. I then start Bind9 followed by Samba
and it just
>>>>>> works. Perhaps there is something wrong in your bind
conf files ?
>>>>>>
>>>>>>
>>>>> If i do a query against the local dns I get a return so it
looks like
>>>>> when running it works fine.
>>>>>
>>>>> my named.conf looks like so
>>>>>
>>>>> options {
>>>>> listen-on port 53 { 127.0.0.1; };
>>>>> listen-on-v6 port 53 { ::1; };
>>>>> directory "/var/named";
>>>>> dump-file
"/var/named/data/cache_dump.db";
>>>>> statistics-file
"/var/named/data/named_stats.txt";
>>>>> memstatistics-file
"/var/named/data/named_mem_stats.txt";
>>>>> allow-query { localhost; };
>>>>> recursion yes;
>>>>> dnssec-enable yes;
>>>>> dnssec-validation yes;
>>>>> managed-keys-directory
"/var/named/dynamic";
>>>>> pid-file "/run/named/named.pid";
>>>>> session-keyfile "/run/named/session.key";
>>>>> include
"/etc/crypto-policies/back-ends/bind.config";
>>>>> };
>>>>> logging {
>>>>> channel default_debug {
>>>>> file "data/named.run";
>>>>> severity dynamic;
>>>>> };
>>>>> };
>>>>> zone "." IN {
>>>>> type hint;
>>>>> file "named.ca";
>>>>> };
>>>>> include "/etc/named.rfc1912.zones";
>>>>> include "/etc/named.root.key";
>>>>>
>>>>> /etc/crypto-policies/back-ends/bind.config looks like
>>>>>
>>>>> disable-algorithms "." {
>>>>> RSAMD5;
>>>>> };
>>>>> disable-ds-digests "." {
>>>>> GOST;
>>>>> };
>>>>>
>>>>>
>>>>>
>>>>>> Rowland
>>>>>>
>>>>>> --
>>>>>> To unsubscribe from this list go to the following URL
and read the
>>>>>> instructions:
https://lists.samba.org/mailman/options/samba
>>>>>>
>>>>>
>>>>>
>>>>
>>>
>>
>